8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.17.25.14:443

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 05 Jul 2023 13:29:58 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3091296
expires: Mon, 24 Jun 2024 13:29:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQm3osT5J8olqNJWHo%2Fk6ODb51H8WiApfjr5bZP1TNNCCxyO09m0%2BRzBoBsqUuc8Ed3S6SzJ2PrBZtm5KpzhXFptXiDynZHe%2BOdiKxcIOAy4HV5vDXCLJ5fDWJR%2F%2BA7%2BpBlV0Gmq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7e1ff5bb7fefb968-AMS
alt-svc: h3=":443"; ma=86400

104.18.10.207:443

GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/2.0
host: stackpath.bootstrapcdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 05 Jul 2023 13:29:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NL
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
access-control-allow-origin: *
cdn-cachedat: 07/27/2021 10:45:59
cdn-edgestorageid: 766
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d340f8654a4f39d0647fd3c821d8fb7a
cdn-cache: HIT
cf-cache-status: HIT
age: 21801593
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7e1ff5bb7cf70a75-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

142.251.36.42:443

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

104.18.11.207:443

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/2.0
host: maxcdn.bootstrapcdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 05 Jul 2023 13:29:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 2021-06-08 14:35:59
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: eefa06f81ccaf21fa5451ec613a67069
cdn-cache: HIT
cf-cache-status: HIT
age: 2354215
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7e1ff5bc6f19b788-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

8.8.8.8:53

172.67.71.45:443

GET /wp-content/uploads/2020/08/Microsoft-Excel-Logo-500x313.png HTTP/2.0
host: 1000logos.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 05 Jul 2023 13:29:58 GMT
content-type: image/png
content-length: 25979
last-modified: Sat, 12 Feb 2022 06:15:35 GMT
etag: "62075087-657b"
cf-cache-status: HIT
age: 1840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjBaD%2BBypUaqgWJDmx1z22Ry6D1VxXWfnfoWaF8uv6%2FgqfKGTxdnLHOkKs%2BXpfd6%2BWCQQvTtGLIX7yOyMILGvqon7cfHfwJed33S5fCmVC5C9h7pDD1oXIoHQrpCuAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7e1ff5bc9a0e0a64-AMS

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

2.16.241.97:443

GET /serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=b45f6007-71df-44b4-8668-ff503aa8bc54&ocid=windows-windowsShell-feeds&user=m-f6100d52207b421d8a275b2b199b44dd&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask HTTP/2.0
host: assets.msn.com
x-search-account: None
accept-encoding: gzip, deflate
x-device-machineid: {9A0AA320-02A9-4895-93BF-E83F6D53852E}
x-userageclass: Unknown
x-bm-market: US
x-bm-dateformat: M/d/yyyy
x-device-ossku: 48
x-bm-dtz: 0
x-deviceid: 0100B2E609000CC3
x-bm-windowsflights: FX:119E26AD,FX:11D898D7,FX:11DB147C,FX:11DE505A,FX:11E11E97,FX:11E3E2BA,FX:11E50151,FX:11E9EE98,FX:11F1992A,FX:11F4161E,FX:11F41B68,FX:11FB0F2F,FX:1201B330,FX:1202B7FC,FX:120BB68E,FX:121A20E1,FX:121BF15F,FX:121E5EC8,FX:122D8E86,FX:123031A3,FX:1231B88B,FX:123371B1,FX:1233C945,FX:123D7C31,FX:1240013C,FX:1246E4A3,FX:1248306D,FX:124B38D0,FX:1250080B,FX:125A7FDA,FX:1264FA75,FX:126DBC22,FX:127159BE,FX:12769734,FX:127C935B,FX:127DC03A,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5
sitename: www.msn.com
x-bm-theme: 000000;0078d7
muid: F6100D52207B421D8A275B2B199B44DD
x-agent-deviceid: 0100B2E609000CC3
x-bm-onlinesearchdisabled: true
x-bm-cbt: 1688563799
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
x-device-isoptin: false
accept-language: en-US, en
x-device-touch: false
x-device-clientsession: FA61E94E177247B7842B9167E3BFA68A
cookie: MUID=F6100D52207B421D8A275B2B199B44DD

HTTP/2.0 200
content-type: application/json; charset=utf-8
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin: *.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
content-encoding: gzip
ddd-authenticatedwithjwtflow: False
ddd-usertype: AnonymousMuid
ddd-tmpl: lowT:0;IsRecoNewUser:1;coldStart:1;coldStartUpsell:1;lowC:0;BingRecoCode:Success;SageUser:0;winbadge:1;partialResponse:1;tbn:0
x-wpo-activityid: 5B31D1E8-711B-489E-B986-6B665F863213|2023-07-05T13:30:01.7212928Z|fabric:/wpo|FRC|WPO_33
ddd-feednewsitemcount: 1
ddd-activityid: 5b31d1e8-711b-489e-b986-6b665f863213
ddd-strategyexecutionlatency: 00:00:00.6204282
ddd-debugid: 5b31d1e8-711b-489e-b986-6b665f863213|2023-07-05T13:30:01.7264825Z|fabric:/winfeed|FRC|WinFeed_2
onewebservicelatency: 622
x-msedge-responseinfo: 622
x-ceto-ref: 64a57059846447488a90cf80c132e052|2023-07-05T13:30:01.101Z
expires: Wed, 05 Jul 2023 13:30:01 GMT
date: Wed, 05 Jul 2023 13:30:01 GMT
content-length: 1528
akamai-request-bc: [a=2.16.240.33,b=27741844,c=g,n=DE_HE_FRANKFURT,o=20940],[a=20.74.25.147,c=o]
server-timing: clientrtt; dur=24, clienttt; dur=634, origin; dur=633 , cdntime; dur=1
akamai-cache-status: Miss from child
akamai-server-ip: 2.16.240.33
akamai-request-id: 1a74e94
x-as-suppresssetcookie: 1
cache-control: private, max-age=0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
vary: Origin

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

178.208.94.221:443

POST /hunter/hunt/baby6.php HTTP/2.0
host: fronterz.com
content-length: 64
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
accept: application/json, text/javascript, */*; q=0.01
content-type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
server: nginx
date: Wed, 05 Jul 2023 13:30:20 GMT
content-type: application/json
x-powered-by: PHP/8.0.29
access-control-allow-origin: *
x-powered-by: PleskLin
content-encoding: br

8.8.8.8:53

92.122.101.18:80

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Wed, 05 Jul 2023 14:30:20 GMT
Date: Wed, 05 Jul 2023 13:30:20 GMT
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53